Zimperium – 2023 Mobile Banking Heists Report

Posted on: 08/01/2024 By:Moa Karlsvärd

Mobile Finance Apps are a Prime Target for Hackers

The mobile banking market is on a rapid ascent, projected to hit the $7 billion mark by 2032, fueled by consumer demands for seamless and personalized banking experiences. However, this surge is accompanied by a dramatic growth in financial fraud. According to LexisNexis’ 2022 True Cost of Fraud Study, in the US, mobile fraud accounted for 32% and 37% of all fraud, respectively, an increase of 5% and 12%.

Banking trojans continue to evolve and succeed due to their ability to persist, bypass security, and evade detection on mobile devices. As investment from fast-moving threat actors continues to increase, traditional security practices are unable to keep up.

Mobile is the digital channel of choice for banking and the target of choice for malicious actors employing banking trojans to compromise banking apps. Understanding the evolution, tactics, and impact of mobile banking malware is essential to building secure mobile banking apps that can defend against on-device abuse and garner customer trust.

In this report, we aim to give mobile product and security leaders the knowledge they need to develop mobile app security strategies that align with today’s sophisticated malware. It is an essential read for those at the forefront of combating threats on the mobile platform.

What’s Inside?

Key Research Insights
Top Targeted Financial Apps
New Fraud, Theft & Account Takeover Capabilities
Best Practices to Combat Malware
How Zimperium Can Help

LADDA NER HELA RAPPORTEN

Cloudian – upptäck framtidens datalagring

Posted on: 23/04/2024
By: Moa Karlsvärd

Cloudian omdefinierar datalagring med innovativa lösningar som hanterar ostrukturerad data i stor skala, så […]

Radware – 2024 Global Threat Analysis Report

Posted on: 18/03/2024
By: Moa Karlsvärd

Discover the cyberattack trends that will change the way you protect your business. Radware’s […]

Cookie	Duration	Description
_GRECAPTCHA	5 months 27 days	This cookie is set by the Google recaptcha service to identify bots to protect the website against malicious spam attacks.
cookielawinfo-checbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-advertisement	1 month	Set by the GDPR Cookie Consent plugin, this cookie is used to record the user consent for the cookies in the "Advertisement" category .
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.

Cookie	Duration	Description
__cf_bm	30 minutes	This cookie, set by Cloudflare, is used to support Cloudflare Bot Management.
bcookie	2 years	LinkedIn sets this cookie from LinkedIn share buttons and ad tags to recognize browser ID.
bscookie	2 years	LinkedIn sets this cookie to store performed actions on the website.
ELOQUA	1 year 1 month	The domain of this cookie is owned byOracle Eloqua. This cookie is used for email services. It also helps for marketing automation solution for B2B marketers to track customers through all phases of buying cycle.
lang	session	LinkedIn sets this cookie to remember a user's language setting.
lidc	1 day	LinkedIn sets the lidc cookie to facilitate data center selection.
UserMatchHistory	1 month	LinkedIn sets this cookie for LinkedIn Ads ID syncing.

Cookie	Duration	Description
_ga	2 years	The _ga cookie, installed by Google Analytics, calculates visitor, session and campaign data and also keeps track of site usage for the site's analytics report. The cookie stores information anonymously and assigns a randomly generated number to recognize unique visitors.
_gat_gtag_UA_154241828_1	1 minute	Set by Google to distinguish users.
_gid	1 day	Installed by Google Analytics, _gid cookie stores information on how visitors use a website, while also creating an analytics report of the website's performance. Some of the data that are collected include the number of visitors, their source, and the pages they visit anonymously.
CONSENT	2 years	YouTube sets this cookie via embedded youtube-videos and registers anonymous statistical data.
ELQSTATUS	1 year 1 month	This cookie is set by Eloqua. This cookie is used by PwC to track individual visitors and their use of site. This is set on the first visit of the visitor to the site and updated on subsequent visits.

Cookie	Duration	Description
VISITOR_INFO1_LIVE	5 months 27 days	A cookie set by YouTube to measure bandwidth that determines whether the user gets the new or old player interface.
YSC	session	YSC cookie is set by Youtube and is used to track the views of embedded videos on Youtube pages.
yt-remote-connected-devices	never	YouTube sets this cookie to store the video preferences of the user using embedded YouTube video.
yt-remote-device-id	never	YouTube sets this cookie to store the video preferences of the user using embedded YouTube video.
yt.innertube::nextId	never	This cookie, set by YouTube, registers a unique ID to store data on what videos from YouTube the user has seen.
yt.innertube::requests	never	This cookie, set by YouTube, registers a unique ID to store data on what videos from YouTube the user has seen.

Cookie	Duration	Description
AnalyticsSyncHistory	1 month	No description
ELQCOUNTRY	session	No description available.
izcid	1 year	Information about the consent to InZynk processing of personal data We obtain your consent to the processing of personal data on the behalf of InZynk AB (“InZynk”). Information collected from cookies set in your device that qualify as personal data will be processed by InZynk, a company offering lead identification and ad targeting services with offices in Stockholm and Trondheim. Please see below for full contact details. The purpose for the processing of the personal data is that it enables InZynk to improve a service rendered to us and our website by adding data to their database about companies. The data that is collected and used by InZynk to achieve this purpose is information about the IP-address from which you visited our website, and technical information that enables InZynk to tell apart different visitors from the same IP-address. InZynk stores the domain from form input in order to correlate the IP-address with your employer. For the full information about our processing of personal information, please see our full Privacy Policy. You may at any time withdraw your consent to this processing. Such withdrawal may be made either by contacting us, or by contacting InZynk directly. InZynk AB Company reg. no 559229-9233 Kungsgatan 32 111 35 Stockholm Sweden inzynk.com – post@inzynk.com \| InZynk Statement on (GDPR)
iztid	1 year	Information about the consent to InZynk processing of personal data We obtain your consent to the processing of personal data on the behalf of InZynk AB (“InZynk”). Information collected from cookies set in your device that qualify as personal data will be processed by InZynk, a company offering lead identification and ad targeting services with offices in Stockholm and Trondheim. Please see below for full contact details. The purpose for the processing of the personal data is that it enables InZynk to improve a service rendered to us and our website by adding data to their database about companies. The data that is collected and used by InZynk to achieve this purpose is information about the IP-address from which you visited our website, and technical information that enables InZynk to tell apart different visitors from the same IP-address. InZynk stores the domain from form input in order to correlate the IP-address with your employer. For the full information about our processing of personal information, please see our full Privacy Policy. You may at any time withdraw your consent to this processing. Such withdrawal may be made either by contacting us, or by contacting InZynk directly. InZynk AB Company reg. no 559229-9233 Kungsgatan 32 111 35 Stockholm Sweden inzynk.com – post@inzynk.com \| InZynk Statement on (GDPR)
li_gc	2 years	No description

Zimperium – 2023 Mobile Banking Heists Report

Mobile Finance Apps are a Prime Target for Hackers

Cloudian – upptäck framtidens datalagring

Radware – 2024 Global Threat Analysis Report

Information about the consent to InZynk processing of personal data

Information about the consent to InZynk processing of personal data